Skip to content

Commit 96bae68

Browse files
sunnywuclaude
sunnywu
and
claude
committed
UID2-6617: Fix CVE-2026-26996 minimatch ReDoS vulnerability
Add minimatch override to ^10.2.1 to resolve CVE-2026-26996 (HIGH severity ReDoS vulnerability via repeated wildcards with non-matching literal in pattern). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent 4f4b988 commit 96bae68

2 files changed

Lines changed: 19 additions & 127 deletions

File tree

package-lock.json

Lines changed: 18 additions & 127 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,7 @@
5151
},
5252
"overrides": {
5353
"body-parser@1": "1.20.3",
54+
"minimatch": "^10.2.1",
5455
"path-to-regexp@0": "0.1.12",
5556
"path-to-regexp@1": "1.9.0",
5657
"path-to-regexp@2": "8.0.0",

0 commit comments

Comments
 (0)